*08:26*[Event][New] CT-RSA 2013: The Cryptographers' Track at RSA Conference

Submission: 3 September 2012

Notification: 26 October 2012

From February 25 to March 1

Location: San Francisco, USA

Get an update on changes of the IACR web-page here. For questions, contact *newsletter (at) iacr.org*.
You can also receive updates via:

To receive your credentials via mail again, please click here.

You can also access the full news archive.

Further sources to find out about changes are CryptoDB, ePrint RSS, ePrint Web, Event calender (iCal).

Submission: 3 September 2012

Notification: 26 October 2012

From February 25 to March 1

Location: San Francisco, USA

2012-05-25

Name: Peter Birkner

Topic: Efficient Arithmetic on Low-Genus Curves

Category: public-key cryptography

Description: Public key cryptosystems are almost always based on two problems in number theory, the discrete-logarithm problem and the factorisation of integers. In this\r\nthesis we treat certain aspects of both of these problems.\r\n

\r\nThe most crucial parts of a cryptosystem that is based on the discrete-logarithm problem are the group and the efficiency of the arithmetic in this group. In this work we have investigated divisor class groups of hyperelliptic curves of genus 2 and 3 over binary fields. We suggest certain curves such that the appropriate group is considered secure, and provide efficient arithmetic on these curves.\r\n

\r\nThe most important operation in curve-based cryptosystems is single-scalar multiplication of divisor classes. Therefore a very time-efficient arithmetic is necessary. Since scalar multiplication is almost always computed using double and-add algorithms (or variants of these), it stands to reason to develop efficient doubling and addition formulas. In case of elliptic curves it turned out that point halving is very efficient, and hence halve-and-add algorithms proved very successful and could even replace the double-and-add methods in some situations.\r\n

\r\nSo it is natural to ask if similar results can be obtained for hyperelliptic curves as well. For genus-2 curves we have developed explicit halving formulas which can in some settings even beat the doubling counterparts. For the high-speed case\r\non the genus-2 curves we also give a complete case study, that covers all special cases, depending on the polynomial representation of the divisor class.\r\n

\r\nWe have generalised this also to the genus-3 case and investigated several types of curves and developed explicit halving formulas. For some curves of a rather\r\ngeneral form we could even beat the doubling formulas by 10 to 20 field multiplications which is a speedup of about 30-40%. For the most common setting in\r\ngenus 3 we give (like in genus 2) a complete case study [...]

Name: Jens Zumbrägel

Topic: Public-key cryptography based on simple semirings

Category: public-key cryptography

Description:

The discrete logarithm problem is the basic ingredient of many\r\n public-key cryptosystems. It can be stated as follows: Given a\r\n cyclic group (*G*,?) of order *n*, a\r\n generator *g* of *G*, and another\r\n element *h*?*G*, find the unique\r\n integer *a*?[0,*n*) such that\r\n *h*=*g*ˆ*a*. The integer *a* is called\r\n the *discrete logarithm* of\r\n *h* to the base *g*.

There are key agreement protocols, public-key encryption schemes,\r\n and digital signatures employing the discrete logarithm problem.\r\n One example is the Diffie-Hellman key agreement protocol. It allows\r\n two parties, A and B, to agree on a secret key over an insecure\r\n channel. In order to achieve this goal they fix a finite cyclic\r\n group *G* and a generator *g* of *G*. Then A and B\r\n pick random integers *a*,*b* respectively and exchange\r\n *h*A=*g*ˆ*a*\r\n and *h*B=*g*ˆ*b*. Finally they\r\n compute *h*Bˆ*a*=*g*ˆ*ba*\r\n and *h*Aˆ*b*=*g*ˆ*ab*, and\r\n since *g*ˆ*ab*=*g*ˆ*ba* this element\r\n can be used as their secret key.

It is clear that solving the underlying discrete logarithm problem\r\n is sufficient for breaking the Diffie-Hellman protocol. For this\r\n reason one has been searching for groups in which the discrete\r\n logarithm problem is considered to be a computationally hard\r\n problem. Among the groups that have been proposed as candidates are\r\n the multiplicative group of a finite field and the group over an\r\n elliptic curve. It should however be pointed out that the\r\n infeasibility of the discrete logarithm problem has not been proved\r\n in any concrete group.

Discrete logarithm based cryptosystems can be generalized in the\r\n framework of *semigroup actions* (see e.[...]

The crypto group of TELECOM-ParisTech is looking for six Ph.D. students, on various topics linked to side-channel cryptanalysis.

The subjects are:

- Fault Injection for Reverse-Engineering (FIRE)
- Electromagnetic observation and injection, using information-theoretic tools
- Formal proof of countermeasures against attacks targeting cryptographic implementations
- Bus and memory encryption/integrity in embedded systems with SecBus — hardware aspects
- Information leakage of NFC-enabled smartphones by magnetic analysis
- Distinguishing side-channel distinguishers

2012-05-22

The Queensland University of Technology (QUT) in Brisbane, Australia, invites applications for full-time Lecturer positions starting in 2012. Up to nine positions are available in the Science and Engineering Faculty.

The Science and Engineering Faculty at QUT has an active research group in cryptography, network security, and digital forensics, with a leading national profile and strong international links.

Applicants should have completed (or be under examination for) a PhD and be early career researchers (less than three years in an academic role). Appointee(s) will develop and maintain an active research program, teach at undergraduate and graduate levels, supervise research students, and participate in QUT\\\'s Early Career Academic Development program.

Recent research has shown that many popular web applications are vulnerable to side-channel attacks on encrypted streams of network data produced by the interaction of a user with an application. As a result, private user data is susceptible to being recovered by a side-channel adversary. A recent focus has been on the development of tools for the detection and quantification of side-channel information leaks from such web applications. In this work we describe a model for these web applications, analyse the effectiveness of previous approaches for the quantification of information leaks, and describe a robust, effective and generically applicable metric based on a statistical estimation of the mutual information between the user inputs made in the application and subsequent observable side-channel information. We use our proposed metric to construct a test capable of analysing sampled traces of packets to detect information leaks, and demonstrate the application of our test on a real-world web application.

2012-05-21

A self-pairing is a pairing computation where both inputs are the same group element. Self-pairings are used in some cryptographic schemes and protocols. In this paper, we show how to compute the Tate-Lichtenbaum pairing (D,\\phi(D)) on a curve more efficiently than the general case. The speedup is obtained by requiring a simpler final exponentiation. We also discuss how to use this pairing in cryptographic applications.

We consider public-key encryption schemes based on error-correcting

codes that are IND-CCA2 secure in the standard model. We analyze a system due

to Dowsley, Muller-Quade and Nascimento. We then show how to instantiate the

Rosen-Segev framework with the McEliece scheme.

Based in the Cryptography group which has grown considerably in the last year, you will be an additional researcher in one of the following areas:

•Analysis of “real world” protocols

•Formal Methods applied to security protocols

•Fully Homomorphic Encryption

•Lattice Based Cryptography

•Provable Security, i.e. Protocol and Mechanism design

The post is funded by an ERC Advanced Grant awarded to Prof. Nigel Smart.

The expected starting date will be as soon as possible depending on the your circumstances.

Please apply using the Online System linked to from the link below. We cannot accept applications via email.

Submission: 16 June 2012

Notification: 15 July 2012

From September 13 to September 14

Location: Pisa, Italy

More Information: http://stm2012.dti.unimi.it